Pearson Vue Credential Manager System Compromised With Third Party Malware

The massive scale of today’s data breaches this year alone are astronomical, Pearson Vue joins that list this week. Responsible for conducting and controlling millions of exams for people all around the world each year in nearly every walk of industry. They currently hold over a dozen accreditations in a number of different countries for categories that include business continuity, information security, data privacy, and financial controls. Pearson VUE released the following statement earlier this week. “We recently were made aware that an unauthorized third party placed malware on Pearson VUE’s Credential Manager System—which is used by adult learners to support professional certifications and licenses. The unauthorized third party improperly accessed certain information related to a limited set of our users.”

Pearson VUE’s credential Manager System is a stand-alone system used to support adults courses in a number of professional fields. The scope of the breach appears to be isolated to only this system and not any of the testing systems. The system is currently offline while being investigated by law enforcement. A number of major companies use the manager to develop, manage, deliver, and grow their testing programs. CISCO for example uses the Credential Manager system provided by Pearson Vue in order for users to track certain certification that include CCIE, CCNA, CCNP and other Cisco certifications directly through their platform.

CISCO commented on the issue explaining that they believed the compromised information includes individuals who have taken exams or hold a current Cisco certifications, is limited to: name, mailing address, email address, and phone number. “As of now, we do not believe that U.S. Social Security numbers or full payment card information were compromised as a result of this issue. Because the Credential Manager System is custom designed to fit specific customer requirements, we are working to understand how this issue may have affected each of our customers. Users in the U.S. and Canada may call (855) 270-9182. International users may call +011 (512) 201-2203 for more information. Pearson is offering identity protection to affected candidates for one-year at no cost. To schedule an appointment email global@allclearid.com. “As posted by Pearson VUE.

It seems that in this day and age it comes down to a simple formula, another day another breach. Costing companies millions in lost profits and down time that can ruin a company’s reputation in a matter of minutes. No company is invulnerable to cyber-attacks and breaches. Connect with Secure Sense to protect data, your network, and systems 24/7, 365 days a year. Our managed services are designed, developed, and proven before we ever offer anything to customers- unlike other providers that will offer to manage any type of solution. If you have questions or concerns, please contact your Secure Sense account representative directly or call Secure Sense at 866-999-7506.

Please connect with Secure Sense on LinkedIn and follow us on Twitter @Securesense for current company and industry news.